Secure your pin2pin messages on BlackBerry

For the longest time I was told that using my BlackBerry 9930 on BIS, I would not be able to send secure text/email/pin2pin messages etc. Or at least not as secure as if I was on a BES. Recently I found a way to send a pin message from one blackberry to another using a password to encrypt the message. I'm not sure having just figured this out if this is a 9930 or 7.1 os only feature etc but figured I would share it in the general forum for those who don't yet know about it and are as security conscious/paranoid as me. Not sure how secure it actually is but has to be better then the regular pin2pin.

1) Select contact from contact list that has a BlackBerry pin saved.
2) Hit the menu button and select option to send a pin message to that contact.
3) Go up to where it says encoding and select s/mime (encrypt)
4) Once S/mime (encrypt) has been selected hit the BlackBerry button and select options. Scroll down to select use password based encryption, hit the BB button and save.
5)Type message keeping in mind the subject line will not be encrypted.
6) Hit the BB button and send
7) Enter the password the recipient will need to enter upon receiving the message in order to decrypt an read it.
8) Once password has been entered twice, select ok to send your encrypted message to your contact. Once they enter the password on their phone they will be able to read the body of the message.

Theres one small problem with this. According to RIM, S/MIME is only supported within a BES environment (according to all of their support documentation). If your 9930 is also on a BES, this would explain it.

However, I just checked my 9930 and found Ive got the same encoding options and Im NOT on a BES system. But I do have the BB Redirector running, so Ive got the app-generated keys, as well as personal and work email keys loaded in this device, so Im also puzzled.

Im at least as security conscious/paranoid as you, perhaps more so, so I would like to use this, too, assuming I can find anyone else I know who has a Blackberry (not easy these days).

But also, dont you need to have a key exchange with the intended user so you can encrypt back to them? It appears that the 9930 can do that only with a PIN message (sign but dont encrypt), but theres nothing documented about saving the key from an incoming message (or PIN).

I think you have this confused with another service. SMIME never exchanges passwords, only public keys and encrypted content.

Each recipient uses their own private key to decrypt something thats been encrypted (for them) using the intended recipients public key. This method allows you to freely give out your own public key through non-secure channels, since only you can de-crypt it. BES and the Blackberry Redirector do this automatically and the result is a fully secure channel that quite a few governments are not able to crack

Basically you are creating your own key. As I see my friends in person I have told them what the password will be as to not tell them over unsecured text etc. Just an option that happens to work over BIS...but as was pointed out it's hard finding BlackBerry users nowadays. My only security related question with this is the password you create for the other person to enter encrypted when it is being sent or could it be found in the first few lines of code.

Is that really a system? Well I like to keep the files secured but am not as paranoid as You are. So I don't like taking much efforts for doing same. If there is some simple way out, its well and good. If not I can manage without. Anyways thanks for letting us know of that.http://www.hypedc.com/authentic-black-black.html

CrackBerry is in no way Affiliated with BlackBerry. We take pride in our unbiased content, however do occasionally receive free products from vendors that we review or discuss. For more info click here.